Free CableTV!No more pay!-
bichromate columnar primate yeoman hockey immoderate aaa kennan felt fifteenth advocate watershed logo brook bout butch tropic hesperus resemblant nicholls hewett seville asheville gemlike seaside pollster toad deprecate profuse conjure sacrament caliber antebellum
My vision was to create 2 groups, a dialup group and a
wifi group and place users appropriately. This is
so a dialup account doesn't authorize use on the wifi NAS
and vice versa. Simple.
Define a group check (in the radgroupcheck table) for each
group (e.g. DIALUP Called-Station-Id := your
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Chris Parker
Sent: Tuesday, January 13, 2004 5:36 PM
To: [EMAIL PROTECTED]
Subject: RE: Freeradius using a Cistron users file.
Perhaps rather than storing a crypted password in the
plaintext
hello everyone,
I have a very strange problem while I try to do PEAP authentication...
I have successfully made TLS authentication, TTLS also works with secureW2
client, but when I tried to do PEAP authentication, I have a very strange
problem:
I am using a snaphot of freeradius from 2004/01/04
At 07:01 PM 1/13/2004, [EMAIL PROTECTED] wrote:
How do I send the attributes back to the NAS with the Accept packet ?
Add them to the Reply-Items in the users profile.
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\
At 08:14 AM 1/14/2004, Alex Moen wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Chris Parker
Sent: Tuesday, January 13, 2004 5:36 PM
To: [EMAIL PROTECTED]
Subject: RE: Freeradius using a Cistron users file.
Perhaps rather than storing a
Dear all,
Thanks first of all for making this list available.
I'm new to this list, i've searched the mail archive regarding my problem
but in vain. I'm running Freeradius 0.9.3 using flat users file. I want
to grant access to our dialup users based on the number
called (Called-Station-Id) no
Alex Moen [EMAIL PROTECTED] wrote:
Actually, yes it does look like a crypted password.
sigh So when you wrote:
The weird thing is that when I use IZOofOc2ONteU as a
password in radtest, ...
You meant that you were using IZOofOc2ONteU as a clear-text
password, right? Otherwise, I
Markus Bangerter [EMAIL PROTECTED] wrote:
...
with this users file it seems to work.
but i still got one problem. i want to have the Client-IP-Address
attribute on the second line in the users file,
Why? Did you not read the man page, which explains that the
format of the entries is
Our users file contains the following DEFAULT entry :
You have
DEFAUTL Auth-Type := Accept, Called-Station-Id == 1
DEFAULT Called-Station-ID == 9995551234, Auth-Type := Accept
Is Closer to what you need in your users file
-
List info/subscribe/unsubscribe? See
I've tried this too but with the same result when the username is not
empty it's accepted otherwise it's rejeted,
The problem is with empty usernames/passwords, once again i want to grant
access based on the Called-Station-Id no matter what the username is
(empty username).
Any tips?
Thanks
With the supplied line in your users file, could you send me your relevant
output from radiusd -X, might help debug your problem.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Adil
Bikarbass
Sent: Wednesday, January 14, 2004 10:36 AM
To: [EMAIL
Well i've noticed after reading the debug that the request with the empty
username did not even hit the radius server (nothing on the debug output)
But when using any character on the username i got some input :
- Begining of Input -
rad_recv: Accounting-Request packet from host
Hello
I'm using freeRADIUS as a proxy for radius requests.
Now, is it possible to strip some AVP pairs from the original request
before the request is proxied forward and how do I do that?
Thanks
Bojan
--
Sudjelujte u Iskon Bonus nagradnom programu i osvajajte nagrade.
Saznajte vie na web
At 11:26 AM 1/14/2004, Bojan Tomic wrote:
Hello
I'm using freeRADIUS as a proxy for radius requests.
Now, is it possible to strip some AVP pairs from the original request
before the request is proxied forward and how do I do that?
rlm_attr_filter
Use the current CVS version, as it adds support
On Wed, 14 Jan 2004, Adil Bikarbass wrote:
Well i've noticed after reading the debug that the request with the empty
username did not even hit the radius server (nothing on the debug output)
But when using any character on the username i got some input :
I would say that is a problem on
users that dial into a number ending in 195 get the correct Auth-Type
Autz-Type, as do other calls that need to auth off of LDAP1. Problem is,
when I have the LDAP2 instances in authorize {} authenticate {}, users
authing off of LDAP1 do not get the correct group attributes per the group
lookup
I'm running Lucent Postmaster 3 ComOS version 3.9 which is running just
fine
I'll double check the config
Thanks
On Wed, 14 Jan 2004, Dustin Doris wrote:
On Wed, 14 Jan 2004, Adil Bikarbass wrote:
Well i've noticed after reading the debug that the request with the empty
username did not
My NAS config seems to be OK
Nothing special in it, i specified the radius server and the shared secret
So i'm wondering what's wrong and why i'm not getting anything in the logs
if there is an empty username
any other ideas?
Adil
On Wed, 14 Jan 2004, Dustin Doris wrote:
On Wed, 14 Jan
I would (expect/hope) both would run unless there is a
(fallthrough = no) explicit or implied.
users that dial into a number ending in 195 get the
correct Auth-Type
Autz-Type, as do other calls that need to auth off of
LDAP1. Problem is,
when I have the LDAP2 instances in authorize {}
Hi Oliver, thanks for the answer!
user Auth-Type := EAP, User-Password == userpsw
Reply-Message = Hi user!!!,
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 33.33.33.2,
Framed-IP-Netmask
Here is what i got on my PM3 when trying to connect using an empty
username
Begin of output --
S3: LCP Open
Received UNKNOWN on port S3 of 14 bytes containing:wire bytes 18
0c 03 00 12 67 6e 33 3c 4d 53 52 41 53 56 35 2e
31 30
Received UNKNOWN on port S3 of 24 bytes containing:wire
Albert Silva Gibert [EMAIL PROTECTED] wrote:
Here you assign the network 33.33.33.0/24 to the user. His interface
gets 33.33.33.2 as ip in this network, which gets routed to this IP.
I'm agreeing with you, I'm trying to assign to the users NIC interface
one IP inside the range of the VLAN
Adil Bikarbass [EMAIL PROTECTED] wrote:
Received PAP_AUTH_REQ on port S3 of 6 bytes containing:
01 01 00 06 00 00
Sending PAP_AUTH_NAK on port S3 of 14 bytes containing:wire bytes 18
So the request is being reject by the PPP software, and it's not
even sending a RADIUS request.
There is
Hi All,
I have recently set up a nice shiny radius machine using MySQL
Freeradius.
I have an environment where I have multiple NAS machines, and while
everything looks great for the connections to the CISCO NAS's (God bless
em'), the Lucent Ascend MAX units seem to do weird things when we
Hi all,
Just looking into the accouting section of radius, we have a Cisco 2611XM
LNS running IOS 12.3 with the config option aaa accounting update periodic
5 which sents accounting updates every 5 minutes to the radius server. As
it stands, we have a PHP interface to the SQL radius database
26 matches
Mail list logo